WHITE-BOX SECURITY INVESTIGATION

White-box security training provides a strong introduction of how sophisticated attacks, like computational data analysis (side-channel) or meaningful fault injection, can affect a white-box cryptography implementation. Not a cryptography expert? Don’t worry! With balanced theoretical and practical sessions, this training course will provide you with a strong understanding of how attacks on white-box cryptography can be realised, from the mobile application to the secret key. If you want an extra day for an introduction on statistical attacks (DPA, CPA) and fault injections (DFA), you just ask!

White-box security has increasingly become an option for implementing strong algorithms in software on non-secure platforms. Quite popular in applications with DRM (Digital Right Management) exposure, it has become a serious option when implementing mobile payment applications, such as HCE (Host-Based Card Emulation). Aiming at maintaining a strong security level while running on insecure platforms, a white-box cryptography implementation is potentially subject to sophisticated attacks.